Turris at FOSDEM’18

Jan. 24, 2018

FOSDEM is the Free and Open Source Software Developers' European Meeting - a non-commercial, volunteer-organized European event focused on free and open-source software development. This year the meeting takes place the 3rd to 4th of February in Brussels. For the past couple of years, the Turris team has been present and we will also be attending FOSDEM this year, in fact in greater numbers than ever! We are excited to attend the conference and will be looking forward to meeting anyone, who decides to pay our stand in building AW a visit. If you decide to stop by, you will have the chance to chat with our developers and other members of the team, play a game of Turtris, get some stickers or even a 15% discount on Turris Omnia.

See you there!

Critical security issues Meltdown and Spectre

Jan. 5, 2018

      In the first days of January, news came out about two critical security issues called Meltdown and Spectre. They are rather serious security problems, because they affect the majority of the world’s computers. Team Turris in cooperation with other security teams is working intensively on finding a solution to the problems.

     Turris Omnia and Turris 1.x routers are potentially threatened by Spectre, which affects some processors with ARM and PowerPC architecture. As of now, there hasn't been any public news of how Spectre could specifically be used. However, a potential attacker has to have detailed knowledge of the target processor and install dangerous code on the device beforehand in order to cause harm. This means that a potential attacker has to get the opportunity of running his own code on the victim’s device. If you use updated and safe software, the risk isn’t big on Turris Omnia devices. In light of this, we would like to warn our users not to install other software than that distributed by us on their routers. Please be extra careful, if you run virtual servers on your router using LXC containers.

     Finding a reliable solution to the problems is ...

The Christmas dimension in the Turris Team

Dec. 12, 2017

The advent time calls for special attention to our community and gingerbread baking and decorating  is a Czech national tradition. We gave Christmas a little spin this year with our 3D printed (and tested!) gingerbread cutters, which are available on thingiverse.com. We will be thrilled, if you decide to print and try out our cookie cutter and please do share the results with us via any communication channel! Find a tested gingerbread recipe below. 

Team Turris wishes you a happy advent time!

Turris gingerbread

Gingerbread dough:

300 gr. Flour

½ teaspoon salt

1 teaspoon baking powder 

1 teaspoon ground cinamon, ¼ ground cloves

If you want you can add an extra tablespoon of cocoa powder to make the dough darker in color. 

100 gr melted butter

100 gr powder sugar 

2 larger eggs

4 tablespoons of honey

Mix the flour, salt, baking powder and sugar in a bowl. Whisk the eggs in another bowl with the melted but lukewarm butter and mix in with the contents of the first bowl. The finished dough should be sticky. Wrap it in cling foil and let settle in the fridge at least over night. Roll thin slices from the dough, cut out shapes and ...

Wi-Fi Upgrade Pack for Turris 1.x

Dec. 11, 2017

The older Turris routers (versions 1.0 and 1.1) still have some of the most powerful hardware available today. The only thing they lack in is modern Wi-Fi hardware. They do not permit a 2,4 and 5GHz bandwidth simultaneously, because they only support 802.11 a/b/g/n standards. To bring also our older models up to date, we have prepared the Wi-Fi Upgrade Pack for our Turris 1.x users. The package has a price of 1600CZK and will bring you up to the 802.11ac standard, that is the fastest available wireless connection. 

You can have a look at the precise contents of the WiFi Upgrade Pack and buy it at the Discomp webshop

The Wi-Fi Upgrade pack is for Turris 1.x routers and not for Turris Omnia. Turris Omnia has 802.11ac Wi-Fi from the factory. 

How to contribute to Project Turris

Nov. 10, 2017

If you like Turris and you have an idea how to help us or you just want a special feature or hack, which you think might be interesting for the rest of the community, you can always contribute code. Turris OS is open software, which means that anyone who is able and willing can contribute. Our documentation features an article with a few hints on where and how to contribute. We truly value each contributor and contribution. 

If you don’t feel like coding, but you still want to help our project, another valued way to contribute is to take part in testing new Turris releases. Release Candidate is a system build, which we are currently considering releasing and we frequently ask our community to help us test it. You can easily do that by switching to the RC branch as described in this short article. After you have switched to RC, you can check if your favorite functions still work the way they should and in case they don’t, write to us at tech.support@turris.cz.

Lastly, feel free to have a look at our community documentation, which has grown considerably in the last few months. Our ...

Turris OS 3.8 is out!

Sept. 14, 2017

Turris OS 3.8 is here at last! It took us slightly longer to release it, but we worked hard on it and we think the wait was worth it, because 3.8 has lots of new cool features. Many thanks go to our devoted community for helping us test all the new functions – thanks for being with us!

This time the main changes and improvements include:

• Foris now gives you the option to set bandwidth limits for the Guest network.

• A new function in Foris is also the option to propagate client names into local DNS.

• One big joint step for Foris and the Updater are Delayed updates. You can have a look at how to use the Delayed updates function in our documentation.

Russian, Danish and Lithuanian community translations have been added to Foris. You can turn these languages on in the "Updater" tab in Foris …and if you would like Foris to speak your own language, consider becoming a community translator ;-)!

• Userlists changes include trimmed down dependencies.

• Suricata has been updated to a new version with more modular configuration and helper packages.

Php7 is now supported!

• A new package has been added: MariaDB.

A big new feature ...

Petya / Petrwrap ransomware attacks

June 28, 2017

The Petya / Petrwrap ransomware has been actively spreading over the last few days. It is the first major attack when we can use a new surveillance center with integrated data acquisition from the Turris routers, so let's take a look at several outputs.

Since June 22, the number of infected computers has dramatically increased, as we see in the rapid growth of honeypot records. Honeypot records indicate the number of attempted unauthorized login to "naively secure client devices" emulated by our servers. The previously quite stable level has so far been disturbed by isolated attacks, but after 22.6. The number of honeypot records increases by half and grows only moderately.

Petya Honeypot

It is also interesting to note that in the first third of June, the number of refused connections has increased significantly, indicating the number of attempts to connect to the Internet in which the counterparty did not respond. Such records are now typical of malware and ransomware that connect to the Internet on already inactive control servers or attempt to spread the Internet.

Petya attacks

From the data, we might conclude that we are moving near the peak of the Petya attack and its largest current wave (until further modification ...

Turris OS 3.7 out now!

June 26, 2017

Last few weeks, we had been working hard release of Turris OS version 3.7. It took a little bit longer time than we are used to when providing a new version. We are sorry for that. 

On our way to milestone 3.7, we fixed a lot of hidden bugs. Many of them were found by our wonderful community so this version is as good as it is thanks to all of you! Thank you very much once again and let's take a look at changes and improvements:

  • We have changed URL of Foris to /foris
  • Foris now offers simple guest Wi-Fi setup! Read how to set it up!
  • Foris now "speaks" Slovak, Polish and French. You can turn them on in "Updater" tab in Foris. If you want to teach Foris your own language, become a translator.
  • OpenVPN server in Foris now has more options
  • There is an experimental support for graphics cards (very geeky thing :D ) Let's play!
  • Parental control features are slowly growing. Experimental support for new devices detection is here!  You'll be notified about newly connected devices in Foris "Home" panel. Turn it on in "Updater" section.
  • Migration to the new updater ...

Fix of Samba security issue

May 25, 2017

Dear Turris users,

the new security issue has been discovered in samba packages from version 3.5 onwards. This issue allows the attacker to run the malicious code of his choice on the vulnerable device.

We are testing the security patch for Turris routers right now and we want to release it tomorrow.

Until that, samba users can use this workaround:

Add the parameter:

`nt pipe support = no`

to the [global] section of your smb.conf and restart smbd. This prevents clients from accessing any named pipe endpoints. Note this can disable some expected functionality for Windows clients.

Good to know:

  •  Please, do not open smb sharing to the Internet. Never. It is not secure.
  •  Keep automatic updates on.

You can find out more about this issue on the topic on our forum.